Explore top 10 tips to secure your open-source projects now. Read More
×Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 . # Security update for cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:2668-1 Rating: moderate References: Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller- container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy- container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: Update to version 1.59.0 * Release notes importer/releases/tag/v1.59.0 * Release notes importer/releases/tag/v1.58.1 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-2668=1 openSUSE-SLE-15.5-2024-2668=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-2668=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-2668=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-2668=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * containerized-data-importer-controller-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadproxy-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadserver-debuginfo-1.59.0-150500.6.18.1 *obs-service-cdi_containers_meta-1.59.0-150500.6.18.1 * containerized-data-importer-controller-1.59.0-150500.6.18.1 * containerized-data-importer-api-1.59.0-150500.6.18.1 * containerized-data-importer-importer-1.59.0-150500.6.18.1 * containerized-data-importer-operator-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-uploadserver-1.59.0-150500.6.18.1 * containerized-data-importer-operator-1.59.0-150500.6.18.1 * containerized-data-importer-cloner-1.59.0-150500.6.18.1 * containerized-data-importer-uploadproxy-1.59.0-150500.6.18.1 * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * containerized-data-importer-cloner-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-api-debuginfo-1.59.0-150500.6.18.1 * containerized-data-importer-importer-debuginfo-1.59.0-150500.6.18.1 * openSUSE Leap Micro 5.5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 * Containers Module 15-SP5 (x86_64) * containerized-data-importer-manifests-1.59.0-150500.6.18.1 . This release resolves substantial concerns in various CDI containers for SUSE and openSUSE customers. Please apply the newest updates.. SUSE 15 SP5 Update, cdi-apiserver-container, Container Security Advisory. . LinuxSecurity.com Team
* bsc#1224119 Cross-References: * CVE-2024-3727 . # Security update for cdi-apiserver-container, cdi-cloner-container, cdi- controller-container, cdi-importer-container, cdi-operator-container, cdi- uploadproxy-container, cdi-uploadserver-container, cont Announcement ID: SUSE-SU-2024:1989-1 Rating: important References: * bsc#1224119 Cross-References: * CVE-2024-3727 CVSS scores: * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for cdi-apiserver-container, cdi-cloner-container, cdi-controller- container, cdi-importer-container, cdi-operator-container, cdi-uploadproxy- container, cdi-uploadserver-container, containerized-data-importer fixes the following issues: * Bump github.com/containers/image/v5 (bsc#1224119, CVE-2024-3727) * Remove SLE15 SP4 from the distro check (end of general support) * Add LABEL with source URL ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-1989=1 openSUSE-SLE-15.6-2024-1989=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-1989=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * containerized-data-importer-uploadserver-1.58.0-150600.3.3.2 * containerized-data-importer-controller-1.58.0-150600.3.3.2 * containerized-data-importer-cloner-1.58.0-150600.3.3.2 * containerized-data-importer-uploadproxy-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-manifests-1.58.0-150600.3.3.2 *containerized-data-importer-api-1.58.0-150600.3.3.2 * containerized-data-importer-operator-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-importer-1.58.0-150600.3.3.2 * containerized-data-importer-uploadserver-debuginfo-1.58.0-150600.3.3.2 * obs-service-cdi_containers_meta-1.58.0-150600.3.3.2 * containerized-data-importer-operator-1.58.0-150600.3.3.2 * containerized-data-importer-importer-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-api-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-controller-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-cloner-debuginfo-1.58.0-150600.3.3.2 * containerized-data-importer-uploadproxy-1.58.0-150600.3.3.2 * Containers Module 15-SP6 (x86_64) * containerized-data-importer-manifests-1.58.0-150600.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2024-3727.html * https://bugzilla.suse.com/show_bug.cgi?id=1224119 . This revision rectifies a critical security flaw present in various CDI environments. It is essential to apply the update swiftly for maximum protection.. cdi-container, SUSE security update, important security patch, container update, CVE-2024-3727. . Severity: Important. LinuxSecurity.com Team
* bsc#1222699 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 . # Security update for kubevirt, virt-api-container, virt-controller-container, virt-exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-t Announcement ID: SUSE-SU-2024:1311-1 Rating: important References: * bsc#1222699 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update for kubevirt, virt-api-container, virt-controller-container, virt- exportproxy-container, virt-exportserver-container, virt-handler-container, virt-launcher-container, virt-libguestfs-tools-container, virt-operator- container, virt-pr-helper-container fixes the following issues: * Improve the OrdinalPodInterfaceName mechanism (bsc#1222699) Also containers were rebuilt against the current released updates. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1311=1 SUSE-2024-1311=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1311=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1311=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kubevirt-virt-exportserver-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-controller-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-controller-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * obs-service-kubevirt_containers_meta-1.1.1-150500.8.15.1 *kubevirt-pr-helper-conf-1.1.1-150500.8.15.1 * kubevirt-virt-api-1.1.1-150500.8.15.1 * kubevirt-virt-exportproxy-1.1.1-150500.8.15.1 * kubevirt-virt-api-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-operator-1.1.1-150500.8.15.1 * kubevirt-container-disk-1.1.1-150500.8.15.1 * kubevirt-virt-launcher-debuginfo-1.1.1-150500.8.15.1 * kubevirt-tests-1.1.1-150500.8.15.1 * kubevirt-virt-exportproxy-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-operator-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-launcher-1.1.1-150500.8.15.1 * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virt-exportserver-1.1.1-150500.8.15.1 * kubevirt-virt-handler-1.1.1-150500.8.15.1 * kubevirt-tests-debuginfo-1.1.1-150500.8.15.1 * kubevirt-virt-handler-debuginfo-1.1.1-150500.8.15.1 * kubevirt-container-disk-debuginfo-1.1.1-150500.8.15.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 * Containers Module 15-SP5 (x86_64) * kubevirt-manifests-1.1.1-150500.8.15.1 * kubevirt-virtctl-1.1.1-150500.8.15.1 * kubevirt-virtctl-debuginfo-1.1.1-150500.8.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222699 . SUSE announces a vital upgrade for kubevirt and associated containers, tackling significant security vulnerabilities and corrections.. kubevirt patch, SUSE security update, openSUSE containers fix. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-12191 https://linux.oracle.com/errata/ELSA-2024-12191.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: buildah-1.24.6-7.module+el8.9.0+90165+ead7974e.x86_64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90165+ead7974e.x86_64.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm conmon-2.1.4-2.module+el8.9.0+90165+ead7974e.x86_64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.x86_64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm criu-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm crit-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm python3-criu-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm criu-devel-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm criu-libs-3.15-3.module+el8.9.0+90165+ead7974e.x86_64.rpm crun-1.8.7-1.module+el8.9.0+90165+ead7974e.x86_64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.x86_64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.x86_64.rpm libslirp-4.4.0-1.module+el8.9.0+90165+ead7974e.x86_64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90165+ead7974e.x86_64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-remote-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-tests-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-plugins-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-catatonit-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm podman-gvproxy-4.0.2-26.module+el8.9.0+90165+ead7974e.x86_64.rpm python3-podman-4.0.0-2.module+el8.9.0+90165+ead7974e.noarch.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.x86_64.rpm skopeo-1.6.2-9.module+el8.9.0+90165+ead7974e.x86_64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90165+ead7974e.x86_64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.x86_64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.x86_64.rpm udica-0.2.6-4.module+el8.9.0+90165+ead7974e.noarch.rpm aarch64: buildah-1.24.6-7.module+el8.9.0+90165+ead7974e.aarch64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90165+ead7974e.aarch64.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.noarch.rpm conmon-2.1.4-2.module+el8.9.0+90165+ead7974e.aarch64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.aarch64.rpm containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.noarch.rpm criu-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm crit-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm python3-criu-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm criu-devel-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm criu-libs-3.15-3.module+el8.9.0+90165+ead7974e.aarch64.rpm crun-1.8.7-1.module+el8.9.0+90165+ead7974e.aarch64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.aarch64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.aarch64.rpm libslirp-4.4.0-1.module+el8.9.0+90165+ead7974e.aarch64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90165+ead7974e.aarch64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-docker-4.0.2-26.module+el8.9.0+90165+ead7974e.noarch.rpm podman-remote-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-tests-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-plugins-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-catatonit-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm podman-gvproxy-4.0.2-26.module+el8.9.0+90165+ead7974e.aarch64.rpm python3-podman-4.0.0-2.module+el8.9.0+90165+ead7974e.noarch.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.aarch64.rpm skopeo-1.6.2-9.module+el8.9.0+90165+ead7974e.aarch64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90165+ead7974e.aarch64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.aarch64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.aarch64.rpm udica-0.2.6-4.module+el8.9.0+90165+ead7974e.noarch.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//buildah-1.24.6-7.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//cockpit-podman-46-1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//conmon-2.1.4-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containernetworking-plugins-1.1.1-6.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containers-common-1-38.0.1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//container-selinux-2.205.0-3.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//criu-3.15-3.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//crun-1.8.7-1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//fuse-overlayfs-1.9-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//podman-4.0.2-26.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-podman-4.0.0-2.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//runc-1.1.12-1.0.1.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//skopeo-1.6.2-9.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//slirp4netns-1.1.8-3.module+el8.9.0+90165+ead7974e.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//udica-0.2.6-4.module+el8.9.0+90165+ead7974e.src.rpm Related CVEs: CVE-2023-39326 Description of changes: buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman [2:4.0.2-26] - rebuild with golang 1.20.12 for CVE-2023-39326 python-podman runc [1:1.1.12-1.0.1] - rebuild with golang 1.20.12 for CVE-2023-39326 skopeo slirp4netns udica _______________________________________________ El-errata mailing list
The container bci/rust was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/rust ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:416-1 Container Tags : bci/rust:1.74 , bci/rust:1.74-2.3.9 , bci/rust:oldstable , bci/rust:oldstable-2.3.9 Container Release : 3.9 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container bci/rust was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.77 updated . The bci/rust container has been revised to include essential security upgrades. Discover the resolution applied to the path traversal vulnerability that was addressed.. bci/rust update, container security, SUSE advisory. . LinuxSecurity.com Team
The container bci/dotnet-sdk was updated. The following patches have been included in this update:. SUSE Container Update Advisory: bci/dotnet-sdk ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:403-1 Container Tags : bci/dotnet-sdk:8.0 , bci/dotnet-sdk:8.0-3.4 , bci/dotnet-sdk:8.0.1 , bci/dotnet-sdk:8.0.1-3.4 , bci/dotnet-sdk:latest Container Release : 3.4 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container bci/dotnet-sdk was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.77 updated . A security enhancement for SUSE bci/dotnet-sdk resolves path manipulation vulnerabilities and incorporates vital fixes.. Container Updates, Security Patches, bci/dotnet-sdk. . LinuxSecurity.com Team
The container suse/rmt-mariadb was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/rmt-mariadb ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:399-1 Container Tags : suse/mariadb:10.6 , suse/mariadb:10.6-17.8 , suse/mariadb:latest , suse/rmt-mariadb:10.6 , suse/rmt-mariadb:10.6-17.8 , suse/rmt-mariadb:latest Container Release : 17.8 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container suse/rmt-mariadb was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.76 updated . SUSE Container Security Notice tackles vulnerabilities in suse/rmt-mariadb, aiming to enhance overall system resilience.. SUSE Container, suse/rmt-mariadb, security update, path traversal, cpio. . LinuxSecurity.com Team
The container suse/rmt-mariadb-client was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/rmt-mariadb-client ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2024:398-1 Container Tags : suse/mariadb-client:10.6 , suse/mariadb-client:10.6-14.8 , suse/mariadb-client:latest , suse/rmt-mariadb-client:10.6 , suse/rmt-mariadb-client:10.6-14.8 , suse/rmt-mariadb-client:latest Container Release : 14.8 Severity : moderate Type : security References : 1218571 CVE-2023-7207 ----------------------------------------------------------------- The container suse/rmt-mariadb-client was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2024:238-1 Released: Fri Jan 26 10:56:41 2024 Summary: Security update for cpio Type: security Severity: moderate References: 1218571,CVE-2023-7207 This update for cpio fixes the following issues: - CVE-2023-7207: Fixed a path traversal issue that could lead to an arbitrary file write during archive extraction (bsc#1218571). The following package changes have been done: - libuuid1-2.37.4-150500.9.3.1 updated - libsmartcols1-2.37.4-150500.9.3.1 updated - libblkid1-2.37.4-150500.9.3.1 updated - libfdisk1-2.37.4-150500.9.3.1 updated - cpio-2.13-150400.3.3.1 updated - libmount1-2.37.4-150500.9.3.1 updated - util-linux-2.37.4-150500.9.3.1 updated - container:sles15-image-15.0.0-36.5.76 updated . SUSE Container Bulletin SUSE-CU-2024:399-1 delivers patches for suse/rmt-mariadb-server addressing moderate privilege escalation vulnerabilities.. SUSE Container Update, suse/rmt-mariadb-client, Path Traversal, Security Advisory. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.